CVE-2024-23953 | Apache Hive 2.2.x/3.x LlapSignerImpl Arrays.equals integrity check

CVE-2024-23953 | Apache Hive 2.2.x/3.x LlapSignerImpl Arrays.equals integrity check

A vulnerability, which was classified as problematic, was found in Apache Hive 2.2.x/3.x. Affected is the function Arrays.equals of the component LlapSignerImpl. The manipulation leads to improper validation of integrity check value. This vulnerability is traded as CVE-2024-23953. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.